2015 Projects

Vehicular Ad-hoc Networks are an anticipated mobile ad-hoc system that allows communication between vehicles and roadside infrastructure to increase safety on the road. It is essential that this system is able to send fast and secure messages to prevent accidents. We apply the Ambiguous Multi-Symmetric Cryptographic primitive in four models to vehicular ad-hoc networks for encryption and decryption of safety messages. Finally, we implement AMSC using a mobile Android application. We experiment with multiple Android devices using mobile ad-hoc Bluetooth communication. Furthermore, we examine the time and overhead of this implementation in Android.

We propose a version of RSA encryption that uses the Chinese Remainder Theorem (CRT) for the purpose of concealing multiple plain-texts in one cipher-text. We prove the algorithm mathematically. Furthermore, we prove our algorithm secure against the chosen plaintext (CPA) attack. We also compare textbook RSA against our algorithm and show the security and size advantages. The new algorithm can also take advantage of current methods that speed up the decryption process of RSA. This scheme will become a basis for further one to many public key cryptosystems.

Spyware is a form of malware with the primary intention of stealing information from a victim or monitoring the victim’s online and offline activity. Users may contract spyware through clicking misleading hyperlinks, downloading malicious files, or through an external medium. Anti-malware solutions commonly employ the use of signature-based and heuristic-based detection to detect and remove spyware, which lacks the ability to detect new spyware or mutated traces of existing spyware. The goal of our research is to create a spyware detection solution that will serve three purposes: to appropriately identify and classify unknown files on a spectrum of spyware severity; to introduce a self-adapting structure to detect modified spyware traces; and to increase the accuracy of detection results. Our solution is accomplished through the use of data mining and machine learning concepts and algorithms. We perform two types of data mining on samples, extracting n-grams and Portable Executable structures as features for our machine learning segment. We also introduce a new hybrid learning approach that utilizes both supervised and unsupervised machine learning. A supervised learning algorithm is applied to classify if a file is considered spyware or benign. The files classified as spyware will then be categorized on a severity spectrum using the self-organizing feature map, an unsupervised learning algorithm.

As the usage of JavaScript is taking over web applications, application development, and server side scripting, JavaScript's conciseness is a very important aspect of the language. Static analysis of JavaScript code is very difficult to preform due to its dynamic nature.The JavaScript Abstract Interpreter (JSAI) is designed to be provably sound with respect to a specific concrete semantics for JavaScript, which has been extensively tested against a commercial JavaScript implementation. The built-in domain for String analysis that comes with JSAI distribution is a constant propagation domain. The project will replace the constant propagation domain with the domain of Deterministic Finite Automaton (DFA).
The implementation of string domain using DFA will increase JSAI string domain precision by returning a machine that represents all possible values.

Vehicular ad hoc networks (VANETs) may one day prevent injuries and reduce transportation costs by enabling new traffic safety and traffic management systems, but VANETs raise privacy concerns because they would transmit data which could also be used for unwanted surveillance. Some privacy researchers have proposed application-layer protocols that would require dummy event communications which may lead to network congestion and/or location-based service overhead. This research investigates the degree of additional network congestion and overhead resulting from these protocols.​

Some major concerns in wireless networking are the safety and security of communication channels used by Mobile Ad Hoc Networks (MANETs). Despite common belief, mobility can be used in order to enhance security in mobile networks as opposed to being a detriment. We are investigating the multi-path routing algorithm as a non-cryptographic method to exchange code books on the networking layer. This algorithm will divide the book into shares and send them on different paths to the destination using a most efficient path algorithm for mobile networks. We analyze the effectiveness, efficiency, and impact on security that multi-path can bring to MANETs. By implementing our process, it will increase the difficulty of fully intercepting the code book.